[PATCH] Fix security check for joint context= and fscontext= mount options
After some discussion on the actual meaning of the filesystem class
security check in try context mount it was determined that the checks for
the context= mount options were not correct if fscontext mount option had
already been used.
When labeling the superblock we should be checking relabel_from and
relabel_to. But if the superblock has already been labeled (with
fscontext) then context= is actually labeling the inodes, and so we should
be checking relabel_from and associate. This patch fixes which checks are
called depending on the mount options.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 2e8b4df..a91c961 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -523,12 +523,16 @@
goto out_free;
}
- rc = may_context_mount_sb_relabel(sid, sbsec, tsec);
- if (rc)
- goto out_free;
-
- if (!fscontext)
+ if (!fscontext) {
+ rc = may_context_mount_sb_relabel(sid, sbsec, tsec);
+ if (rc)
+ goto out_free;
sbsec->sid = sid;
+ } else {
+ rc = may_context_mount_inode_relabel(sid, sbsec, tsec);
+ if (rc)
+ goto out_free;
+ }
sbsec->mntpoint_sid = sid;
sbsec->behavior = SECURITY_FS_USE_MNTPOINT;